diff mbox

[v6,5/9] bgmac: add check for oversized packets

Message ID 1428968537-6181-5-git-send-email-nbd@openwrt.org
State Superseded, archived
Delegated to: David Miller
Headers show

Commit Message

Felix Fietkau April 13, 2015, 11:42 p.m. UTC 
In very rare cases, the MAC can catch an internal buffer that is bigger
than it's supposed to be. Instead of crashing the kernel, simply pass
the buffer back to the hardware

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
---
 drivers/net/ethernet/broadcom/bgmac.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Rafał Miłecki April 14, 2015, 5:56 a.m. UTC | #1 
On 14 April 2015 at 01:42, Felix Fietkau <nbd@openwrt.org> wrote:
> In very rare cases, the MAC can catch an internal buffer that is bigger
> than it's supposed to be. Instead of crashing the kernel, simply pass
> the buffer back to the hardware
>
> Signed-off-by: Felix Fietkau <nbd@openwrt.org>

Acked-by: Rafał Miłecki <zajec5@gmail.com>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/drivers/net/ethernet/broadcom/bgmac.c b/drivers/net/ethernet/broadcom/bgmac.c
index f897e62..eafdbca 100644
--- a/drivers/net/ethernet/broadcom/bgmac.c
+++ b/drivers/net/ethernet/broadcom/bgmac.c
@@ -440,6 +440,13 @@  static int bgmac_dma_rx_read(struct bgmac *bgmac, struct bgmac_dma_ring *ring,
 				break;
 			}
 
+			if (len > BGMAC_RX_ALLOC_SIZE) {
+				bgmac_err(bgmac, "Found oversized packet at slot %d, DMA issue!\n",
+					  ring->start);
+				put_page(virt_to_head_page(buf));
+				break;
+			}
+
 			/* Omit CRC. */
 			len -= ETH_FCS_LEN;